Samsung Smart-TV without TLS-Certificate-Check?

The German security news page “heiseSecurity” reports from Black Hat that Samsungs Smart-TV is vulnerable to attacks from the internet (drive by and attacks via status messages of Skype contacts, since they do not install an official build of the Skype client, but something self-implemented) – that’s bad enough, but they did it even worse: the webkit browser that has been built by Samsung seem to not check SSL-/TLS-certificates. So that after an attack via the Skype-vulnerability that is able to change the DNS settings, you can simply redirect any SSL web traffic to your own site, without any warning for the user.

So another company that has been asked “How dumb can you be?” – And answered: “Challenge accepted!”